Blog – Articles

Breach Response & Monitoring

Data breaches are a serious business. There can be significant repercussions for organisations for failing to notify the relevant parties of a breach, when required to do so.

Risks & Data Protection Impact Assessments

The first step towards implementing an effective data protection framework is to understand the risks associated with how your organisation processes personal data.

Records of Processing & Lawful Basis

As an organisation, you are legally required to document your data processing activities. You must include the type of data categories, where the information is stored, how it is used and the legal basis for processing.

Policies & Procedures

GDPR policies and procedures are designed to provide systemic structure, thus creating clarity and consistency by laying out precisely what people need to do and why.

Individual’s Rights

Respecting the rights of individuals isn’t just good practice, it will also facilitate your organisations’ compliance with the other six key principles of the GDPR.

Record Management & Security

Having an effective records management system in place helps to support access to information, which in turn enables more effective use of resources, so you can easily find and access historical data.

Training & Awareness

Training is essential when it comes to generating awareness around data protection. It’s also a vital part of putting your company’s policies and procedures into practice.

A Guide to Accountability, According to the ICO

‘Accountability’ is one of the 7 Principles under the GDPR (General Data Protection Regulation), but various organisations offer differing perspectives on what accountability actually means.

Contracts & Data Sharing

When sharing data between organisations there should always be an accompanying contract or agreement that clearly defines the roles and responsibilities of each party, so they may be held accountable for their part.


Transparency is an important data protection principle, and crucial to businesses when adopting a ‘data protection by design and by default’ approach.